AppleSeed Being Distributed to Nuclear Power Plant-Related Companies

The ASEC analysis team has recently discovered a case of AppleSeed being distributed to nuclear power plant-related companies. AppleSeed is a backdoor malware used by Kimsuky, one of the organizations affiliated with North Korea, and this malware is being actively distributed to many companies. AppleSeed Disguised as Purchase Order and

AppleSeed Being Distributed to Maintenance Company of Military Bases

The ASEC analysis team has recently discovered a case of AppleSeed being distributed to a certain maintenance company of military bases. AppleSeed is a backdoor malware mainly used by the Kimsuky group and is actively being distributed to multiple attack targets as of late. AppleSeed Disguised as Purchase Order and

AppleSeed Disguised as Purchase Order and Request Form Being Distributed

The ASEC analysis team has recently discovered the distribution of AppleSeed disguised as purchase orders and request forms. AppleSeed is a backdoor malware mainly used by the Kimsuky group. It stays in the system and performs malicious behaviors by receiving commands from attackers. Analysis Report on Kimsuky Group’s APT Attacks

AppleSeed Disguised as Wi-Fi Router Firmware Installer Being Distributed

On May 26th, the ASEC analysis team discovered the distribution of AppleSeed disguised as a Wi-Fi router firmware installer. Previously discovered AppleSeed strains were mainly distributed by disguising themselves as normal document or image files. The dropper malware that creates AppleSeed either used script formats such as JS (JavaScript)

APT Attack Cases of Kimsuky Group (PebbleDash)

The ASEC analysis team has been keeping an eye on trends in malware used in APT attacks and sharing its findings on the blog. In this confirmed case, the PebbleDash backdoor was used in the attack, but logs of AppleSeed, Meterpreter, and other additional malware strains were also found. PebbleDash Backdoor The

Analysis Report on Kimsuky Group’s APT Attacks (AppleSeed, PebbleDash)

This document is an analysis report on types of malware recently utilized by the Kimsuky group. The Kimsuky group is mainly known for launching social engineering attacks such as spear phishing. Judging by the names of the attached files, the group seems to be targeting those working in the fields